<?php
require_once(dirname(__FILE__). '/include/applicationwap.php');

/* magic_quota_gpc */
//$_GET = magic_gpc($_GET);
//$_POST = magic_gpc($_POST);
$_COOKIE = magic_gpc($_COOKIE);

//php ��������post,get�������  

 if (get_magic_quotes_gpc()) {  

$_GET = stripslashes_array($_GET);  

 $_POST = stripslashes_array($_POST);  

 }  

  function dowith_sql($str)
{
   $str = str_replace("and","",$str);
   $str = str_replace("execute","",$str);
   $str = str_replace("update","",$str);
   $str = str_replace("count","",$str);
   $str = str_replace("chr","",$str);
   $str = str_replace("mid","",$str);
   $str = str_replace("master","",$str);
   $str = str_replace("truncate","",$str);
   $str = str_replace("char","",$str);
   $str = str_replace("declare","",$str);
   $str = str_replace("select","",$str);
   $str = str_replace("create","",$str);
   $str = str_replace("delete","",$str);
   $str = str_replace("insert","",$str);
   $str = str_replace("'","",$str);

   $str = str_replace(" ","",$str);
   $str = str_replace("or","",$str);
   $str = str_replace("=","",$str);
   $str = str_replace("%20","",$str);
   //echo $str;
   return $str;
}
  

 function stripslashes_array(&$array) {  

 while(list($key,$var) = each($array)) {  

 if ($key != 'argc' && $key != 'argv' && (strtoupper($key) != $key || ''.intval($key) == "$key")) {  

 if (is_string($var)) {  

 $array[$key] = stripslashes($var);  

 }  

 if (is_array($var))  {  

$array[$key] = stripslashes_array($var);  

 }  

 }  

 }  

 return $array;  

}  

//--------------dl

// �滻HTMLβ��ǩ,Ϊ���˷���
	//--------------------------
	function lib_replace_end_tag($str)
	{
	if (empty($str)) return false;
	$str = htmlspecialchars($str);
	$str = str_replace( '/', "", $str);
	$str = str_replace("\\", "", $str);
	$str = str_replace("&amp;gt", "", $str);
	$str = str_replace("&amp;lt", "", $str);
	$str = str_replace("&lt;SCRIPT&gt;", "", $str);
	$str = str_replace("&lt;/SCRIPT&gt;", "", $str);
	$str = str_replace("&lt;script&gt;", "", $str);
	$str = str_replace("&lt;/script&gt;", "", $str);
	$str=str_replace("select","select",$str);
	$str=str_replace("join","join",$str);
	$str=str_replace("union","union",$str);
	$str=str_replace("where","where",$str);
	$str=str_replace("insert","insert",$str);
	$str=str_replace("delete","delete",$str);
	$str=str_replace("update","update",$str);
	$str=str_replace("like","like",$str);
	$str=str_replace("drop","drop",$str);
	$str=str_replace("create","create",$str);
	$str=str_replace("modify","modify",$str);
	$str=str_replace("rename","rename",$str);
	$str=str_replace("alter","alter",$str);
	$str=str_replace("cas","cast",$str);
	$str=str_replace("&amp;","&amp;",$str);
	$str=str_replace("&gt;","&gt;",$str);
	$str=str_replace("&lt;","&lt;",$str);
	$str=str_replace(" ",chr(32),$str);
	$str=str_replace(" ",chr(9),$str);
	$str=str_replace("    ",chr(9),$str);
	$str=str_replace("&amp;",chr(34),$str);
	$str=str_replace("'",chr(39),$str);
	$str=str_replace("&lt;br /&gt;",chr(13),$str);
	$str=str_replace("''","'",$str);
	$str=str_replace("css","'",$str);
	$str=str_replace("CSS","'",$str);
	
	return $str;
	
	}

/* process currefer*/
$currefer = uencode(strval($_SERVER['REQUEST_URI']));

/* session,cache,configure,webroot register */
Session::Init();
$INI = ZSystem::GetINI();
/* end */

/* date_zone */
if(function_exists('date_default_timezone_set')) { 
	date_default_timezone_set($INI['system']['timezone']); 
}
/* end date_zone */


/* biz logic */
$currency = $INI['system']['currency'];
$login_user_id = ZLogin::GetLoginId();
$login_user = Table::Fetch('user', $login_user_id);
$hotcities = option_hotcategory('city', false, true);
$allcities = option_category('city', false, true);
$city = cookie_city(null);

if (!isset($_COOKIE['referer'])) {
	setcookie('referer',$_SERVER['HTTP_REFERER']);
}

/* not allow access app.php */
if($_SERVER['SCRIPT_FILENAME']==__FILE__){
	redirect( WEB_ROOT . '/index.php');
}
/* end */
$AJAX = ('XMLHttpRequest' == @$_SERVER['HTTP_X_REQUESTED_WITH']);
if (false==$AJAX) { 
	header('Content-Type: text/html; charset=UTF-8'); 
	run_cron();
} else {
	header("Cache-Control: no-store, no-cache, must-revalidate");
}


/* city */
$cities = DB::LimitQuery('category', array(
	'condition' => array( 'zone' => 'city') ,
	'order' => 'ORDER BY sort_order DESC',
));
$cities = Utility::AssColumn($cities, 'letter', 'ename');